TOKENADM(8) - System Manager's Manual

TOKENADM(8) - System Manager’s Manual #

TOKENADM(8) - System Manager’s Manual

NAME #

activadm, cryptoadm, snkadm - manage the ActivCard, CRYPTOCard and SNK-004 token databases

SYNOPSIS #

tokenadm [-1BDdEeRrT] [-m [-]mode] [user …]

DESCRIPTION #

The tokenadm utility displays and edits user entries in the various token databases. It may also be invoked as one the following: activadm, cryptoadm, or snkadm.

The options are as follows:

-1

Display users, one per line.

-B

Display users with no banner.

-D

Display disabled users.

-d

Disable users without removing them from the database. This prevents the users from authenticating, but does not lose their shared secret. The -m flag may also be used with the -d flag.

-E

Display enabled users.

-e

Enable users. This should be used to re-enable users who were disabled by the -d flag. The -m flag may also be used with the -e flag.

-m [-]mode

Add [or remove] the specified mode of authentication for the user. Modes available are decimal (dec), hexadecimal (hex), phonebook (phone), and reduced-input (rim). Not all modes are available for all types of cards. The -m flag may be used alone or in conjunction with either the -d or -e flags. Whenever reduced-input mode is set, the reduced-input state is reset. This should be done if a paper copy of challenge/responses had been produced and then misplaced.

-R

Display users in reverse order.

-r

Remove users from the database.

-T

Display users in terse format (only the user names). Unless -1 is also specified, four users will be displayed per line.

Use of any of the -1BDERT flags precludes the use of any of the -demr flags. The -demr flags all require at least one user argument.

SEE ALSO #

x99token(1), login.conf(5), login_token(8), tokeninit(8)

OpenBSD 7.5 - March 31, 2022